Back to search
CVE-2002-1647
Published: Mar 28, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
The quick login feature in Slash Slashcode does not redirect the user to an alternate URL when the wrong password is provided, which makes it easier for remote web sites to guess the proper passwords by reading the username and password from the Referrer URL.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20020911 slashdot / slashcode disclosing passwords
mailing-list
x_refsource_BUGTRAQ
20020917 Re: slashdot / slashcode disclosing passwords
mailing-list
x_refsource_BUGTRAQ
20020911 Re: slashdot / slashcode disclosing passwords
mailing-list
x_refsource_BUGTRAQ
VU#603945
third-party-advisory
x_refsource_CERT-VN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now